The 80/20 Rule for Information Security

February 17, 2010 by ADMIN · 1 Comment

From The Team at MicroSolved

MicroSolved, Inc. (MSI) has developed the 80/20 Rule of Information Security that proposes the concept that 80% of an organizations’ real information security comes from only 20% of the assets and effort put into the program. These 13 security projects will give your organization the most effective information security coverage for the least expenditure of time and resources. These projects, once completed, should allow CIO’s to create an effective, efficient, and standards-based approach to information security…

SyferLock GridGuard Live On Infosec Island

February 16, 2010 by ADMIN · Leave a Comment

Press Release

Infosec Island, the new community for IT and information security professionals, today announced that its new enhanced authentication service based on the SyferLock™ GridGuard™ solution, is now live. Deploying this technology provides Infosec Island members with the option to login with a very high level of security for confidential business, personal or security-related communications. SyferLock’s GridOne authentication is available on Infosec Island to all registered members, and membership is free.

How A Security Company Applies Security

February 16, 2010 by ADMIN · Leave a Comment

By Larry Ketchersid, Chairman and CEO at MediaSourcery

Similar to security assessments, network architecture designs and other projects, a development project, such as this one involves the exchange of confidential data, including in this case, intellectual property designs, requirements documents, test plans, code fragments and road maps. We could have chose to exchange these documents over email, or printed them out and sent them next day parcel post. Instead, we ate our own dogfood and utilized IslandPKI encrypted document and message transfer…

WireHead Security Partners With NCICU

February 2, 2010 by ADMIN · Leave a Comment

From PRWeb

WireHead SecurityTM, an information security services firm providing customers with solutions to strengthen internal security and risk management, today announced a partnership agreement with the North Carolina Independent Colleges and Universities (NCICU), under which member institutions can take advantage of discounted service pricing. NCICU is comprised of North Carolina’s 36 private, non-profit liberal arts, comprehensive, and research colleges and universities accredited by the Southern Association of Colleges and Schools.

InfosecIsland.com Network Acquires ISR

January 18, 2010 by ADMIN · 1 Comment

Press Release

Infosec IslandTM, the new online community designed especially for IT and network professionals who manage information security, risk and compliance issues, today acquired Information-Security-Resources.com, one of the leading online news portals addressing security issues. ISR brings a number of high profile authors to Infosec Island, who will regularly offer their rich experience and broad set of security expertise for the benefit of the community. The combination of the two communities also allows for Infosec Island’s free and premium tools to be made available to ISR’s international audience – adding further value to their existing readership.

Top Ten Security SNAFU’s Of The Decade

January 17, 2010 by ADMIN · Leave a Comment

By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com

In the last decade we have seen technological breakthroughs unlike any other. In response we have seen a tremendous rise in fraud. The reason? The speed of the conveniences technology have far outpaced the security of technology. Here’s a list of the top ten of the last ten years…

Ten Most Damaging Data Breaches of 2009

December 4, 2009 by ADMIN · Leave a Comment

By Laton McCartney, Editor at CIOZone

Every week for the past four years the Privacy Rights Clearing House has been chronicling data breaches on a weekly basis. “These are the mega-breaches that can skew the figures in terms of the number of people victimized,” says Paul Stephens, PRCH’s director of policy and advocacy. Here are the ten biggest, most damaging and most embarrassing breaches to date this year.

Report: Data Breaches Hike Fraud Risk 400%

November 1, 2009 by ADMIN · 3 Comments

By Doug Pollack, Chief Marketing Officer for ID Experts

This report should be heeded by those banks, health care organizations, government agencies, insurance companies and others that we entrust with our social security and checking account numbers, birth dates and mothers’ maiden names, and in some cases our personal health information.

Tools for Quantifying Risk Exposure are Few

October 5, 2009 by ADMIN · Leave a Comment

By Doug Pollack, Chief Marketing Officer for ID Experts

The seeming inconsistency between the perception of being immune from data breach risks with the rapid growth in data breach incidents, led us to think about whether organizations can actually quantify their level of breach risk. We were somewhat surprised that there is not much available to organizations to help them in scoring their vulnerability.

PCI DSS Legitimizes Conflicts of Interest

July 11, 2009 by ADMIN · Leave a Comment

By Rachel James, Author and Cybercrime Authority at ID Experts

The rules and requirements for auditors reveal a number of potential conflicts of interest that could arise between an auditor and the entity it’s assessing. For example, many security auditors also make security products. The rules state that a security company will not use its status as auditor to market its products to companies it audits, but if the auditor should happen to find that the client would benefit from its product, it must also tell the client about competing products.

Categories
- Anthony M. Freed (26)
- Bill Brenner (2)
- Bob Violino (1)
- Bozidar Spirovski (23)
- Breach (540)
- Britt Womelsdorf (5)
- By Dr. InfoSec (2)
- Cara Garretson (7)
- CCCNews (1)
- Chorey Taylor & Feil (8)
- Christophe Veltsos (2)
- Christopher Burgess (7)
- CIOZone (26)
- Class Action Lawsuit (111)
- Cloud computing (106)
- Coby Royer (5)
- CTO Forum (9)
- D&O Liability (594)
- Daniel Wallace (5)
- Danny Lieberman (11)
- DataLine (10)
- David Alexander (2)
- Derek Crawford (1)
- Doug Pollack (7)
- due diligence (303)
- Fame Foundry (1)
- FEATURE ARTICLE (428)
- Financial (580)
- Fred Leland (7)
- Gene Kim (3)
- Government (366)
- Greg George (5)
- H1N1 (15)
- hackers (532)
- healthcare (127)
- Heather Bourgoin (1)
- HomeATM (8)
- identity-theft (528)
- IDExperts (17)
- Ike Z. Devji (1)
- Infosec Island Network (31)
- Insider Threat (483)
- Internet Crime Complaint Center (1)
- Internet Security Alliance (64)
- ISR News (321)
- Jacqueline Herships (2)
- Jenni Hesterman (3)
- John M. Salomon (2)
- John Watkins (7)
- John-Patrick Skaar (2)
- Kaliber Data Security and Compliance Consultants (3)
- Kat Sanders (2)
- Ken Leeser (3)
- Kevin L. Jackson (10)
- Kevin M. Nixon (21)
- Larry Ketchersid (1)
- Laton McCartney (7)
- Lauren Taylor (1)
- Linda McGlasson (1)
- malware (494)
- Mark Smail (1)
- Mark Wright (1)
- Mel Duvall (3)
- Michael Eggebrecht (3)
- Michael Lohr (1)
- Michael O'Conner (4)
- MicroSolved (1)
- Mike Duncan (3)
- Mike Meikle (4)
- Mike Spinney (1)
- Military (204)
- national security (446)
- PCI (301)
- PCI Security Standards Council (32)
- Physical Security (11)
- privacy (545)
- Rachel James (10)
- reach (4)
- Rebecca Herold (16)
- Richard Stiennon (44)
- Robert Siciliano (34)
- Sarbanes-Oxley (495)
- ScamStop (2)
- Sean Wilkins (2)
- Semyon Dukach (1)
- Simon Heron (14)
- Software Associates (11)
- Steven Fox (19)
- SUPERAntiSpyware (3)
- Sybase (6)
- Symplified (5)
- The Jester (8)
- The Privacy Professor (16)
- Thomas R. Fox (8)
- Tom Groenfeldt (2)
- Tom McLain (2)
- Trefis (14)
- Tripwire (18)
- Uncategorized (621)
- virtualization (94)
- Webcast (49)

Information Security Resources